Saturday, October 20, 2012

The Pillager 0.7 Release

I spent the last couple days recoding the Pillager, getting rid of bugs, optimizing code, making it more extendable and more solid overall. So this post is to release the new code. However, with that being said, the Pillager is in mass revision right now and I added some more developers to the team to add a whole host of new database attacking features as well as moving past databases and into other areas of post exploitation pillaging. Soon to be released.. As usual this tool and any tool i create is based on my issues when performing penetration tests and solves those problems.. If you have any insight or comments i will certainly take them into consideration for future releases.

For now check out Version 0.7.. Named searches and Data searches via external config files are now functioning properly as well as other bugs fixed along the way... Drop this in a BT5 VM and make sure you have your DB python stuff installed per the help docs and you should be good to go. If you are looking to use oracle you are going to have to install all the oracle nonsense from oracle or use a BT4r2 vm which has most of the needed drivers minus cxoracle which will need to be installed.

Release Notes:
--Fixed bugs and optimized code
--Added Docstrings
--Fixed Named and Data searches from config files About:The Database Pillager is a multiplatform database tool for searching and browsing commondatabase platforms encountered while penetration testing. DBPillage can be used to searchfor PCI/HIPAA data automatically or use DBPillage to browse databases,display data.and search for specified tables/data instances.DBpillage was designed as a post exploitation pillaging tool with a goal of targetedextraction of data without the use of database platform specific GUI based tools thatare difficult to use and make my job harder.Supported Platforms:
---------------------Oracle-MSSQL-MYSQL
-PostGreSQL